This post from last year was posted to a forum, so I thought I'd write up some rebuttals to their comments. The first comment is by David Chisnall, creator of CHERI C/C++, which proposes we c...
https://blog.erratasec.com/2024/02/c-can-be-memory-safe-part-2.html
The idea of memory-safe languages is in the news lately. C/C++ is famous for being the world's system language (that runs most things) but also infamous for being unsafe. Many want to solve this...
https://blog.erratasec.com/2023/02/c-can-be-memory-safe.html
Today is the 20th anniversary of the Slammer worm. I'm still angry over it, so I thought I'd write up my anger. This post will be of interest to nobody, it's just me venting my bitterness and get...
https://blog.erratasec.com/2023/01/im-still-bitter-about-slammer.html
I should write up a larger technical document on this, but in the meanwhile is this short (-ish) blogpost. EVERYTHING YOU KNOW ABOUT RISC IS WRONG. It's some weird nerd cult. Techies frequently m...
https://blog.erratasec.com/2022/10/the-risc-deprogrammer.html
In this blogpost, I describe the Synology DS620slim. Mostly these are notes for myself, so when I need to replace something in the future, I can remember how I built the system. It's a "NAS" (n...
https://blog.erratasec.com/2022/07/ds620slim-tiny-home-server.html
For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/privacy concerns, as CitizenLab documents. However, anoth...
https://blog.erratasec.com/2022/01/no-researcher-didnt-find-olympics-app.html
The reason you don't really understand NFTs is because the journalists describing them to you don't understand them, either. We can see that when they attempt to sell an NFT as part of their stor...
https://blog.erratasec.com/2021/12/journalists-stop-selling-nfts-that-you.html
Tina Peters, the election clerk in Mesa County (Colorado) went rogue and dumped disk images of an election computer on the Internet. They are available on the Internet via BitTorrent, The Col...
https://blog.erratasec.com/2021/11/example-forensicating-mesa-county.html
The Alfa-Trump conspiracy-theory has gotten a new life. Among the new things is a report done by Democrat operative Daniel Jones. In this blogpost, I debunk that report. If you'll recall, the...
https://blog.erratasec.com/2021/10/debunking-that-jones-alfa-trump-report.html
One of the most important classic sci-fi stories is the book "Dune" from Frank Herbert. It was recently made into a movie. I thought I'd write a quick review. The summary is this: just read the...
Tina Peters, the elections clerk from Mesa County (Colorado) went rogue, creating a "disk-image" of the election server, and posting that image to the public Internet. Conspiracy theorists have b...
https://blog.erratasec.com/2021/10/fact-check-that-forensics-of-mesa-image.html
So, as a nerd, let's say you need 100 terabytes of home storage. What do you do? My solution would be a commercial NAS RAID, like from Synology, QNAP, or Asustor. I'm a nerd, and I have setu...
https://blog.erratasec.com/2021/10/100-terabyte-home-nas.html
Author: Robert Graham (@erratarob) Later today (Friday, September 24, 2021), Republican auditors release their final report on what they found with elections in Maricopa county. Draft copies of...
https://blog.erratasec.com/2021/09/check-that-republican-audit-of-maricopa.html
Five years ago, online magazine Slate broke a story about how DNS packets showed secret communications between Alfa Bank in Russia and the Trump Organization, proving a link that Trump denied. I...
https://blog.erratasec.com/2021/09/that-alfa-trump-sussman-indictment.html
I thought I'd write up a response to this question from well-known 4th Amendment and CFAA lawyer Orin Kerr: > Question for tech people related to "geofence" warrants served on > Goog...
https://blog.erratasec.com/2021/09/how-not-to-get-caught-in-law.html
Many people make the same claim as this tweet. It's obviously wrong. Yes, the right-wing has a problem with science, but this isn't it. > If you think you don't trust scientists, you're...
https://blog.erratasec.com/2021/07/of-course-you-cant-trust-scientists-on.html
It's the second year of the pandemic and the DEF CON hacker conference wasn't canceled. However, the Delta variant is spreading. I thought I'd do a little bit of risk analysis. TL;DR: I'm not can...
https://blog.erratasec.com/2021/07/risk-analysis-for-def-con-2021.html
Many claim that "ransomware" is due to cybersecurity failures. It's not really true. We are adequately protecting users and computers. The failure is in the inability of cybersecurity guardians t...
https://blog.erratasec.com/2021/07/ransomware-quis-custodiet-ipsos-custodes.html
I'm trying to create perfect screen captures of SDR to explain the world of radio around us. In this blogpost, I'm going to discuss some of the imperfect captures I'm getting, specifically, some ...
https://blog.erratasec.com/2021/07/some-quick-notes-on-sdr.html
On Hacker News, this article claiming "You won't live to see a 128-bit CPU" is trending. Sadly, it was non-technical, so didn't really contain anything useful. I thought I'd write up some techn...
https://blog.erratasec.com/2021/06/when-well-get-128-bit-cpu.html
Today, somebody had a problem: they kept seeing a popup on their screen, an obvious scam trying to sell them McAfee anti-virus. Where was this coming from? In this blogpost, I follow this rabb...
https://blog.erratasec.com/2021/04/anatomy-of-how-you-get-pwned.html
The University of Minnesota (UMN) got into trouble this week for doing a study where they have submitted deliberately vulnerable patches into open-source projects, in order to test whether hostil...
https://blog.erratasec.com/2021/04/ethics-university-of-minnesotas-hostile.html
I thought I'd write up 4 technical questions about NFTs. They may not be the ones you ask, but they are the ones you should be asking. The questions: What does the token look like? How does it...
https://blog.erratasec.com/2021/03/a-quick-faq-about-nfts.html
"NFTs" have hit the mainstream news with the sale of an NFT based digital artwork for $69 million. I thought I'd write up an explainer. Specifically, I deconstruct that huge purchase and show wha...
https://blog.erratasec.com/2021/03/deconstructing-that-69million-nft.html
In the book 1984, the protagonist questions his sanity, because his memory differs from what appears to be everybody else's memory. > The Party said that Oceania had never been in all...
https://blog.erratasec.com/2021/02/we-are-living-in-1984-eternalblue.html